From ed263d4a380036b654525ee268db615c17d0d216 Mon Sep 17 00:00:00 2001 From: Guilhem Moulin Date: Fri, 11 Dec 2020 18:28:32 +0100 Subject: test suite: supply our own OpenSSL configuration file with MinProtocol=None. So we can test TLSv1 as well, not just TLSv1.2 and later. Also, explicitly set ssl_min_protocol=TLSv1 in the Dovecot configuration file (the default as of 2.3.11.3), hence running TLS tests now require Dovecot 2.3 or later. --- Changelog | 6 ++++++ tests/config/dovecot/ssl.conf | 1 + tests/config/openssl.cnf | 14 ++++++++++++++ tests/run | 4 +++- tests/starttls/t | 2 +- tests/tls-verify-peer/t | 2 +- tests/tls/t | 2 +- 7 files changed, 27 insertions(+), 4 deletions(-) create mode 100644 tests/config/openssl.cnf diff --git a/Changelog b/Changelog index e21ccf7..01e272c 100644 --- a/Changelog +++ b/Changelog @@ -9,6 +9,12 @@ interimap (0.5.5) upstream; - libinterimap: use Net::SSLeay::get_version() to get the protocol version string. - test suite: `mv tests/snippets tests/config` + - test suite: supply our own OpenSSL configuration file with + MinProtocol=None so we can test TLSv1 as well, not just TLSv1.2 and + later. + - test suite: explicitly set ssl_min_protocol=TLSv1 in the Dovecot + configuration file (the default as of 2.3.11.3), hence running TLS + tests now require Dovecot 2.3 or later. -- Guilhem Moulin Fri, 11 Dec 2020 14:55:53 +0100 diff --git a/tests/config/dovecot/ssl.conf b/tests/config/dovecot/ssl.conf index 2d68c80..3fd99d5 100644 --- a/tests/config/dovecot/ssl.conf +++ b/tests/config/dovecot/ssl.conf @@ -2,3 +2,4 @@ ssl = required ssl_cert =